Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
organisations overall cyber security strategy. The National Cyber Security Centre
Cyber Security
recommends you review this regime together with the nine associated security areas
described below, in order to protect your business against the majority of cyber attacks.
pp
Incident
rit
and awareness
or
io
management
pr
tin
Produce user security policies
covering acceptable and secure
gr
ka
Establish an incident
use of your systems. Include response and disaster
isk
Make cyber ris
in staff training. Maintain recovery capability. Test your incident
awareness of cyber risks. management plans. Provide specialist
management pol
Set up your Risk training. Report criminal incidents to
law enforcement.
Malware Management Regime
Assess the risks to your organisations information
prevention and systems with the same vigour you would for legal, Monitoring
Produce relevant policies regulatory, financial or operational risks. To achieve
and establish anti-malware this, embed a Risk Management Regime across Establish a monitoring
defences across your your organisation, supported by the Board strategy and produce
organisation. and senior managers. supporting policies.
i
Continuously monitor all systems and
cies
networks. Analyse logs for unusual
activity that could indicate an attack.
Removable
media controls
Produce a policy to control all Home and
access to removable media. Limit De mobile working
ter
media types and use. Scan all media min petite
for malware before importing onto the e your risk ap Develop a mobile working
corporate system. policy and train staff to adhere
to it. Apply the secure baseline
and build to all devices. Protect
data both in transit and at rest.
Secure configuration
Apply security patches and ensure the
secure configuration of all systems is
maintained. Create a system inventory
and define a baseline build for all devices. For more information go to www.ncsc.gov.uk @ncsc